I live in an authoritarian country. I have a group of friends & acquaintances from a political organization who have asked me to deliver a presentation on security & privacy (specifically for activists). Although I’m somewhat well-wersed in tech, I’m not so confident and there may be things that I might miss. What are some of the things that are often overlooked and I must mention? Thank you.
https://ssd.eff.org/playlist/journalist-move
The EFF has some very good literature on what journalists should be doing as best practices, reviewing that material would be a good starting point
It’s important to be libre and open source.
If someone claims somefhing without source, you cant trust it.
Source? /s
Claude Shanon.
You made me smile and laugh! Well done.
Glad at least one person got it!
Merci.
Stay safe
I am, but my fellows aren’t. My internet connection for the past 3 years have not been without Tor or VPN.
Two factor auth should be a whole section, and tell people not to use SMS. Mention SIM swap attacks and stingray devices
Tell people setting up 2FA with SMS usually makes their accounts less secure, and only to use TOTP or hardware tokens.
My most important issue is that phone number is a deanon - your main phone number has to be tied to your ID, so the only option would be a longtime rental, which would get expensive, especially if it is one number per each service.
When I do these trainings I tell them never to enter a phone number into an account because its a huge risk
Ideally just don’t have a phone number at all
Monero for private secure transactions